Only a few days remain until the EU-wide GDPR (General Data Protection Regulation) comes into force 25th May 2018. GDPR concerns all companies processing personal data of EU residents. From the end of May this year, companies that have so far successfully ignored this topic, risk being threatened by a letter from a lawyer or worse: The new regulation provides for fines in the millions. What can those responsible now do to prevent this?